Do you still have that vars_files: thing? As Dick suggested, it feels like that file is getting loaded more than once, and you don't want that.
Is it at all possible that variables iptables_v4_rules and/or iptables_directory are being set anywhere else? *[If you want to toss the whole thing in a private repo that I can clone, or some other way get to me, I'm willing to take a look; I'm really curious to know how this is happening.]* On Tuesday, February 13, 2024 at 3:55:23 PM UTC-5 Kathy Lyons wrote: > Todd- thank you for clearing that up for me > > I made default.yml all.yml amd reran things with the same errors. > > I am running my roles from within a playbook like this. > > - roles > > - role1 > become: true > - role2 > become: true > > On Tue, Feb 13, 2024 at 2:51 PM Todd Lewis <[email protected]> wrote: > >> This bears repeating. I know I missed it the first few times I was told, >> and then the light came on. >> >> - All hosts are in the "all" group. (That much I got the first time. >> :) >> >> - Any files *or directories* in ./group_vars/ that match a host's >> group names – including "all" – get loaded for that host. It was the >> "or directories" part I didn't appreciate at first. For example, if a >> host >> is in the "foo" group, then the files ./group_vars/foo, or better, >> ./group_vars/foo.yml (the former won't be ansible-linted; the latter >> will be) get loaded for that host. But more than that, if >> ./group_vars/foo/ is a directory, then all the files within >> ./group_vars/foo/ get loaded for all hosts in the foo group. >> >> - That works even for groups that don't exist when the playbook >> starts but are created on-they-fly by, for example, the >> ansible.builtin.group_by module. This allows you to have amazingly >> crazy ad hoc groups – like "hosts the CEO has logged into in the last 30 >> minutes" – and still use relevant ./group_vars/ files in a >> straightforward way. >> >> We suffered a bit initially because in some of our projects different >> competing interests clashed over ownership of the ./group_vars/all.yml >> file. When we realized we could have files >> ./group_vars/all/interest_aaa.yml, ./group_vars/all/interest_bbb.yml, >> ./group_vars/all/interest_ccc.yml, ./group_vars/all/interest_ddd.yml, >> etc., then the competition for that namespace became cooperation, and >> things just got much easier. >> >> On 2/13/24 12:19 PM, Dick Visser wrote: >> >> >> >> On Tue, 13 Feb 2024 at 17:35, Kathy L <[email protected]> wrote: >> >>> When I make Todd's changes, I get the same original error EXCEPT it >>> tells me CentOS is not a dict, even though I am targeting a Debian box. >>> >>> Dick, are you saying that the file all.yml in the group_vars folder does >>> not need to be explicitly stated in my playbook? >>> >> >> Yes. >> It sounds like the vars file is somehow used twice, which I think (after >> Todd's comment) may screw up the level of laziness. >> (speculation on my side, but let's see) >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/CAF8BbLbksQ5HTbbD4xcofM8-e2LUQB8eAFDF5%2BYV%2BGOXv3J3%2BQ%40mail.gmail.com >> >> <https://groups.google.com/d/msgid/ansible-project/CAF8BbLbksQ5HTbbD4xcofM8-e2LUQB8eAFDF5%2BYV%2BGOXv3J3%2BQ%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> >> >> -- >> Todd >> >> -- >> > You received this message because you are subscribed to a topic in the >> Google Groups "Ansible Project" group. >> To unsubscribe from this topic, visit >> https://groups.google.com/d/topic/ansible-project/irvn6QeOB_w/unsubscribe >> . >> To unsubscribe from this group and all its topics, send an email to >> [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/4858ac06-ca17-447e-a345-d52724145520%40gmail.com >> >> <https://groups.google.com/d/msgid/ansible-project/4858ac06-ca17-447e-a345-d52724145520%40gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/027c5032-fe7c-4c52-9551-5ffbb17353den%40googlegroups.com.
